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The Claims 

1 1 . (Previously Presented) A methodology framework for analyzing technology system 

2 including a plurality of components and for designing security into that system, the 

3 framework comprising: 

4 a first system which identifies the security threats for the solution; 

5 a second system having a security reference model comprising a plurality of interrelated 

6 and interdependent security subsystems, the security subsystems further comprising an audit 

7 subsystem, an integrity subsystem, and an information flow control subsystem, the second 

8 system to determine security properties and functions of the information technology system in 

9 terms of the security subsystems; 

10 a third system which is coupled to the second system and which allocates security 

1 1 properties to the components of the information technology system based upon the selected 

12 functions which are derived from the nature and number of the security subsystems within the 

13 information technology system; 

14 a fourth system which is coupled to the third system for allocating the security properties 

15 to the components of the information technology system and which identifies functional 

16 requirements for the components, in terms of the Common Criteria, in order to comply with the 

17 security properties of the component allocated by the third system; and 

18 a fifth system which is coupled to the fourth system and which documents the 

19 requirements for the security components for the information technology system. 
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1 2. (Previously Presented) A framework for designing security into an information 

2 technology system including the elements of Claim 1 wherein the second system which 

3 identifies security properties of the information technology system includes a component 

4 which uses security subsystems for identifying security properties. 



1 3. (Previously Presented) A framework for designing security into an information 

2 technology system including the elements of Claim 2 wherein the standard criteria for 

3 identifying security properties includes a system which maps functions of security 

4 subsystems to an ISO standard 15408, also known as Common Criteria. 

1 4. (Previously Presented) A framework for designing security into an information 

2 technology system including the elements of Claim 1 wherein the framework further 

3 includes a system which documents the solution and the security assumptions using a 

4 solution design security methodology. 

1 5. (Previously Presented) A framework for designing security into information technology 

2 system including the elements of Claim 4 wherein the framework further provides 

3 integrity assurance requirements using a standard set of criteria. 
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1 6. (Previously Presented) A framework for designing security into an information 

2 technology system including the elements of Claim 5 wherein the standard set of criteria 

3 are in accordance with ISO 15408. 

1 7. (Previously Presented) A method of designing security for an information technology 

2 system which includes insecure components, the steps of the method comprising: 

3 identifying the security threats to the system; 

4 determining the security properties within a reference model comprising a plurality of 

5 interconnected and interdependent security subsystems that, inter alia, manage audits, integrity, 

6 and information flow control; 

7 assigning functional details of the plurality of security subsystems to an infrastructure, a 

8 plurality of components, and a plurality of operations of the system; 

9 enumerating security requirements for the infrastructure, components and operations; 

10 developing integrity assurance requirements; and 

1 1 creating at least one functional technology diagram to document security requirements for 

12 the system. 

1 8. (Previously Presented) A method of designing a secure solution including the steps of 

2 Claim 7 wherein the method further includes the step of ranking the security threats to the 

3 overall system and considering the biggest threats to the security properties of the overall 

4 system in terms of the security subsystems. 



Page 4 

Docket No. END9200000116US1 
Serial No. 09/838,749 



Paten t 

Rafter final group aet 2135 j ) 

1 9. (Previously Presented) A method of designing a secure system including the steps of 

2 Claim 8 wherein the step of ranking the security threats to the security properties of the 

3 overall system includes the step of doing less for security threats not considered 

4 substantial threats to the security properties of the overall system in terms of the security 

5 subsystems. 

1 10. (Previously Presented) A method of designing a secure system including the steps of 

2 Claim 7 wherein the method further includes the step of documenting the system 

3 environment and security assumptions and using the environment and security 

4 assumptions in developing the security properties of the overall system. 

1 11. (Previously Presented) A method of designing a secure system including the steps of 

2 Claim 7 wherein the method further includes the step of developing integrity assurance 

3 requirements for the system and using those integrity assurance requirements in the 

4 functional technology diagram(s) for the system. 

1 12. (Previously Presented) A method of securing a solution including the steps of Claim 7 

2 wherein the step of determining the security properties of the overall system includes the 

3 step of using standard criteria for evaluating the solution. 
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1 13. (Previously Presented) A method of securing a solution including the steps of Claim 12 

2 wherein the step of determining the security properties of the overall system includes 

3 the step of using the Common Criteria of ISO Standard 15408. 

1 14. (Previously Presented) A method of securing a system including the steps of Claim 7 

2 wherein the step of enumerating security requirements for infrastructure, components and 

3 operations includes the step of using an industry standard security criteria. 

1 15. (Previously Presented) A method of securing a system including the steps of Claim 14 

2 wherein the step of using an industry standard security criteria includes the step of using 

3 Common Criteria which conforms to ISO Standard 15408. 

1 16. (Previously Presented) A method of securing a system including the steps of Claim 7 

2 wherein the step of enumerating security requirements for infrastructure, components and 

3 operations includes the step of identifying, enumerating and describing a number of 

4 security subsystems that in total represent the security function of the solution. 
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